From e5641b12148c9d280418b18d9e54a8cad3417b1f Mon Sep 17 00:00:00 2001 From: Kevin Chung Date: Fri, 21 Aug 2020 01:10:55 -0400 Subject: [PATCH] Add tests copied from users --- tests/admin/test_fields.py | 55 ++++++++ tests/teams/test_fields.py | 251 +++++++++++++++++++++++++++++++++++++ tests/users/test_fields.py | 35 +++--- 3 files changed, 323 insertions(+), 18 deletions(-) create mode 100644 tests/teams/test_fields.py diff --git a/tests/admin/test_fields.py b/tests/admin/test_fields.py index 97a3e9da..4a6fc7b4 100644 --- a/tests/admin/test_fields.py +++ b/tests/admin/test_fields.py @@ -1,10 +1,12 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- +from CTFd.models import Users from tests.helpers import ( create_ctfd, destroy_ctfd, gen_field, + gen_team, login_as_user, register_user, ) @@ -37,3 +39,56 @@ def test_admin_view_fields(): assert "CustomField3" in resp assert "CustomField4" in resp destroy_ctfd(app) + + +def test_admin_view_team_fields(): + app = create_ctfd(user_mode="teams") + with app.app_context(): + register_user(app) + team = gen_team(app.db) + user = Users.query.filter_by(id=2).first() + user.team_id = team.id + app.db.session.commit() + + gen_field( + app.db, + name="CustomField1", + type="team", + required=True, + public=True, + editable=True, + ) + gen_field( + app.db, + name="CustomField2", + type="team", + required=False, + public=True, + editable=True, + ) + gen_field( + app.db, + name="CustomField3", + type="team", + required=False, + public=False, + editable=True, + ) + gen_field( + app.db, + name="CustomField4", + type="team", + required=False, + public=False, + editable=False, + ) + + with login_as_user(app, name="admin") as admin: + # Admins should see all team fields regardless of public or editable + r = admin.get("/admin/teams/1") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomField2" in resp + assert "CustomField3" in resp + assert "CustomField4" in resp + destroy_ctfd(app) diff --git a/tests/teams/test_fields.py b/tests/teams/test_fields.py new file mode 100644 index 00000000..e9250025 --- /dev/null +++ b/tests/teams/test_fields.py @@ -0,0 +1,251 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from CTFd.models import TeamFieldEntries, Teams, Users +from tests.helpers import ( + create_ctfd, + destroy_ctfd, + gen_field, + gen_team, + login_as_user, + register_user, +) + + +def test_new_fields_show_on_pages(): + app = create_ctfd(user_mode="teams") + with app.app_context(): + register_user(app) + team = gen_team(app.db) + user = Users.query.filter_by(id=2).first() + user.team_id = team.id + team = Teams.query.filter_by(id=1).first() + team.captain_id = 2 + app.db.session.commit() + + gen_field(app.db, name="CustomField1", type="team") + + with login_as_user(app) as client: + r = client.get("/teams/new") + assert "CustomField1" in r.get_data(as_text=True) + assert "CustomFieldDescription" in r.get_data(as_text=True) + + r = client.get("/team") + assert "CustomField1" in r.get_data(as_text=True) + assert "CustomFieldDescription" in r.get_data(as_text=True) + + r = client.patch( + "/api/v1/teams/me", + json={"fields": [{"field_id": 1, "value": "CustomFieldEntry"}]}, + ) + resp = r.get_json() + assert resp["success"] is True + assert resp["data"]["fields"][0]["value"] == "CustomFieldEntry" + assert resp["data"]["fields"][0]["description"] == "CustomFieldDescription" + assert resp["data"]["fields"][0]["name"] == "CustomField1" + assert resp["data"]["fields"][0]["field_id"] == 1 + + r = client.get("/team") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomFieldEntry" in resp + + r = client.get("/teams/1") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomFieldEntry" in resp + destroy_ctfd(app) + + +def test_team_fields_required_on_creation(): + app = create_ctfd(user_mode="teams") + with app.app_context(): + register_user(app) + gen_field(app.db, type="team") + + with app.app_context(): + with login_as_user(app) as client: + assert Teams.query.count() == 0 + r = client.get("/teams/new") + resp = r.get_data(as_text=True) + assert "CustomField" in resp + assert "CustomFieldDescription" in resp + + with client.session_transaction() as sess: + data = { + "name": "team", + "password": "password", + "nonce": sess.get("nonce"), + } + r = client.post("/teams/new", data=data) + assert "Please provide all required fields" in r.get_data(as_text=True) + assert Teams.query.count() == 0 + + with client.session_transaction() as sess: + data = { + "name": "team", + "password": "password", + "fields[1]": "CustomFieldEntry", + "nonce": sess.get("nonce"), + } + r = client.post("/teams/new", data=data) + assert r.status_code == 302 + assert Teams.query.count() == 1 + + entry = TeamFieldEntries.query.filter_by(id=1).first() + assert entry.team_id == 1 + assert entry.value == "CustomFieldEntry" + destroy_ctfd(app) + + +def test_team_fields_properties(): + app = create_ctfd(user_mode="teams") + with app.app_context(): + register_user(app) + team = gen_team(app.db) + user = Users.query.filter_by(id=2).first() + user.team_id = team.id + team = Teams.query.filter_by(id=1).first() + team.captain_id = 2 + app.db.session.commit() + + gen_field( + app.db, + name="CustomField1", + type="team", + required=True, + public=True, + editable=True, + ) + gen_field( + app.db, + name="CustomField2", + type="team", + required=False, + public=True, + editable=True, + ) + gen_field( + app.db, + name="CustomField3", + type="team", + required=False, + public=False, + editable=True, + ) + gen_field( + app.db, + name="CustomField4", + type="team", + required=False, + public=False, + editable=False, + ) + + with login_as_user(app) as client: + r = client.get("/teams/new") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomField2" in resp + assert "CustomField3" in resp + assert "CustomField4" in resp + + r = client.get("/team") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomField2" in resp + assert "CustomField3" in resp + assert "CustomField4" not in resp + + r = client.patch( + "/api/v1/teams/me", + json={ + "fields": [ + {"field_id": 1, "value": "CustomFieldEntry1"}, + {"field_id": 2, "value": "CustomFieldEntry2"}, + {"field_id": 3, "value": "CustomFieldEntry3"}, + {"field_id": 4, "value": "CustomFieldEntry4"}, + ] + }, + ) + resp = r.get_json() + assert resp == { + "success": False, + "errors": {"fields": ["Field 'CustomField4' cannot be editted"]}, + } + + r = client.patch( + "/api/v1/teams/me", + json={ + "fields": [ + {"field_id": 1, "value": "CustomFieldEntry1"}, + {"field_id": 2, "value": "CustomFieldEntry2"}, + {"field_id": 3, "value": "CustomFieldEntry3"}, + ] + }, + ) + assert r.status_code == 200 + + r = client.get("/team") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomField2" in resp + assert ( + "CustomField3" in resp + ) # This is here because /team contains team settings + assert "CustomField4" not in resp + + r = client.get("/teams/1") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "CustomField2" in resp + assert "CustomField3" not in resp + assert "CustomField4" not in resp + destroy_ctfd(app) + + +def test_teams_boolean_checkbox_field(): + app = create_ctfd(user_mode="teams") + with app.app_context(): + register_user(app) + gen_field( + app.db, + name="CustomField1", + type="team", + field_type="boolean", + required=False, + ) + + with login_as_user(app) as client: + r = client.get("/teams/new") + resp = r.get_data(as_text=True) + + # We should have rendered a checkbox input + assert "checkbox" in resp + + with client.session_transaction() as sess: + data = { + "name": "team", + "password": "password", + "nonce": sess.get("nonce"), + "fields[1]": "y", + } + client.post("/teams/new", data=data) + assert Teams.query.count() == 1 + + assert TeamFieldEntries.query.count() == 1 + assert TeamFieldEntries.query.filter_by(id=1).first().value is True + + with login_as_user(app) as client: + r = client.get("/team") + resp = r.get_data(as_text=True) + assert "CustomField1" in resp + assert "checkbox" in resp + + r = client.patch( + "/api/v1/teams/me", json={"fields": [{"field_id": 1, "value": False}]} + ) + assert r.status_code == 200 + assert TeamFieldEntries.query.count() == 1 + assert TeamFieldEntries.query.filter_by(id=1).first().value is False + destroy_ctfd(app) diff --git a/tests/users/test_fields.py b/tests/users/test_fields.py index d3b12278..424a90fb 100644 --- a/tests/users/test_fields.py +++ b/tests/users/test_fields.py @@ -130,7 +130,7 @@ def test_fields_properties(): resp = r.get_json() assert resp == { "success": False, - "errors": {"fields": ["Field CustomField4 cannot be editted"]}, + "errors": {"fields": ["Field 'CustomField4' cannot be editted"]}, } r = client.patch( @@ -166,25 +166,24 @@ def test_boolean_checkbox_field(): with app.app_context(): gen_field(app.db, name="CustomField1", field_type="boolean", required=False) - with app.app_context(): - with app.test_client() as client: - r = client.get("/register") - resp = r.get_data(as_text=True) + with app.test_client() as client: + r = client.get("/register") + resp = r.get_data(as_text=True) - # We should have rendered a checkbox input - assert "checkbox" in resp + # We should have rendered a checkbox input + assert "checkbox" in resp - with client.session_transaction() as sess: - data = { - "name": "user", - "email": "user@ctfd.io", - "password": "password", - "nonce": sess.get("nonce"), - "fields[1]": "y", - } - client.post("/register", data=data) - with client.session_transaction() as sess: - assert sess["id"] + with client.session_transaction() as sess: + data = { + "name": "user", + "email": "user@ctfd.io", + "password": "password", + "nonce": sess.get("nonce"), + "fields[1]": "y", + } + client.post("/register", data=data) + with client.session_transaction() as sess: + assert sess["id"] assert UserFieldEntries.query.count() == 1 assert UserFieldEntries.query.filter_by(id=1).first().value is True